REMARKS 

As a preliminary note, although the pending claims have not been formally rejected, 
Applicants wish to point out that among other things, the black list described in the Perlman 
reference and the operation of the user's computer in Perlman et al. is distinctly different from 
Applicants' claimed invention. For example, Perlman et al. appears to be silent as to, among 
other things, that the end user provides certificate update subscription information that includes 
the identity of a plurality of subscriber subjects that the end user is interested in communicating 
with to effectively allow selective update information for a subscriber subject selected by an end 
user. Moreover, the claims require, among other things, providing the certificate update 
subscription information to the server to allow the server to selectively provide update 
information for those subscriber subjects selected by the end user. In contrast, the blacklist of 
1^ Perlman et al. is simply a list of only revoked or invalid certificates none of which appear to be 
0 selectively chosen by the end user nor selectively evaluated by the server. The blacklist does not 

lad 

P include expired certificates in order to reduce bandwidth. The certification authority of Perlman 
et al. issues a list of certificates that have been revoked either periodically or on demand 
containing a list of certificates that have been issued in the past but which are now to be 
considered invalid. The blacklist supplements lists that include expired certificates. 
Accordingly, Perlman et al. does not, among other things, monitor a specific public key 
C3 certificate in response to subscription information or notifying a user when it changes. In fact, it 
p appears that the user merely stores the blacklist as sent by the server, and does not update, select 
or provide update subscription information. Accordingly, the claims are believed to be in 
condition for allowance. 

Attached hereto is a marked up version of the changes made to the claims by the current 
amendment,. The attached page is captioned "Version With Markings to Show Changes Made." 
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Applicants respectfully submit that the claims are in condition for allowance and 
respectfully request that a timely Notice of Allowance be issued in this case. The Examiner is 
invited to contact the below-listed attorney if the Examiner believes that a telephone conference 

will advance the prosecution of this application. 



Respectfully submitted, 



By: ^ /^^^g^r?^^ < ^^> ^ - 

Christophj^. Reckamp 
Date: December 4, 2001 Registration No. 34,414 
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VERSION WITH MARKINGS TO SHOW CHANGES MADE 



8. (Once Amended) A method for providing certificate updates, the method comprises 
the steps of: 

a) [from time to time, receiving a public key certificate update subscription information 
from a user, wherein the pubhc key certificate update subscription information identifies at least 
one subscriber subject and a public key of the at least one subscriber subject] generating, by an 
end user, certificate update subscription information that includes at least identity of a plurality 
of subscriber subjects that the end user is interested in and their associated public keys, and 
receiving the certificate update subscription information from the user, wherein the certificate 
update subscription information includes current certificates for those subscriber subjects that the 
end user has a desire to communicate with, at least one of identity of at least one of subscriber 
subject, a public key certificate of the at least one subscriber subject, an attribute certificate of 
C3 the subscriber subject, identity of a certification authority and a cross-certificate ; 



13 from the user, when the use is on-line: 

determining whether the user replica of the certificate is consistent with server replica of 
the certificate: and 

when the user replica of the certificate is inconsistent with the server replica of the 
certificate, providing an indication of the server replica of the certificate to the user. 

15. (Once Amended) A method for obtaining public key certificate updates, the 
method comprising the steps of: 

a) [fi-om time to time, providing, by a user, public key certificate subscription to a 
server, wherein the public key certificate update subscription information identifies at least one 
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b) monitoring certificate of the at least one subscriber subject; [and] 



c) when a change occurs to the [public key]certificate, providing an indication of the 
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subscriber subject and a public key of the at least one subscriber subject! generating by a user, 
certificate update subscription information that includes at least identity of at least one subscriber 
subject that the end user is interested in and their associated public keys, and providing v the 
user, the public key certificate update subscription information to a server, wherein the public 
key certificate update subscription information identifies at least one subscriber subject that the 
end user is interested in and their associated public keys ; 

b) monitoring, by the server, public key certificate of the at least one subscriber 
subject; 

c) w^hen a change occurs to the public key certificate, providing by the server, an 
indication of the change to the user; 

d) while on-line, receiving, by the user, the indication of the change; and 

e) determining, by the user, newly updated public key certificate based on the 
indication of the change. 

24. (Once Amended) A server of secure communication system, wherein the server 
comprises: 

processing unit; [and] 

memory operably coupled to the processing unit, wherein the memory stores 
programming instructions that, when read by the processing unit, causes the processing unit to 
(a) [from time to time, receive a public key certificate update subscription information from a 
user, wherein the public key certificate update subscription information identifies at least one 
subscriber subject and a public key of the at least one subscriber subject! generate by a user 
certificate update subscription information that includes at least identity of at least one subscriber 
subject that the end user is interested in and their associated public keys, and receive the 
certificate update subscription information fi-om the user, wherein the certificate update 
subscription information for those subscriber subjects that the end-user has a desire to 
communicate with includes at least one of: identity of at least one of subscriber subject, a public 
key certificate of the at least one subscriber subject, an attribute certificate of the subscriber 
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subject, identity of a certification authority and a cross-certificate: (h) monitor [public key] 
certificate of the at least one subscriber subject and the certification authority : [and](c) provide 
an indication of a change to the user when the change occurs to the [public key] certificate : and 

(i) receive an indication of a user replica of the certificate fi-om the user, when the user is 

on-line; (ii) determine whether the user replica of the certificate is consistent with server 
replica of the certificate; and (iii) provide an indication of the server replica of the 
certificate to the use when the user replica of the certificate is inconsistent with the server 
replica of the certificate . 
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